One benefit of standardization within any manufacturing domain is the regularity and commonality that makes product development more cost efficient. For example, the “learning curve” for design techniques can be amortized across a number of products and product releases, thus reducing the overall development cost. Manufacturing efficiencies may also be achieved. For example, common parts and/or components may be used for construction. This commonality allows the manufacturing to be organized in such a fashion as to exploit a common infrastructure as well as purchases of the common elements in volume, which may also reduce the overall system cost. Furthermore, when a standard is adopted, the end-users of a standardized product line may become productive more quickly. One reason is that the “learning curve” for product usage is reduced, since the end-users may already be familiar with a given model or a previous version which is substantially similar.
In addition to benefits in development and usage, another benefit to standardization exists in maintenance across product lines. One reason is that the maintenance of standardized product lines becomes easier since there is a common, standard model for the range of products. Although the discussion above is most obviously relevant to physical manufacturing, it is absolutely true that all of these points are also applicable to the development of computing systems, both hardware and software.
Unfortunately, there are several problems that may occur with standardization in both physical manufacturing and computing applications. One problem with standardization has to do with defects. If the standard model used for manufacturing has a defect, then all of the reproduced instances of the model will share the common defect. This is especially problematic in ubiquitous software environments. When a security defect becomes public knowledge, then hackers may exploit the vulnerability across system instances which have not had the defect repaired.
The use of a standard operating environment across the millions of machines in use today has created a computational mono-culture. By definition, a program which works on one instance of a standard computer environment will work on any instance of that environment. Although a computational mono-culture is generally highly beneficial, it creates opportunities for the development and distribution of malicious programs.
Computer viruses exploit the computational mono-culture in two ways: (1) publicly revealed security breaches are likely to be uncorrected in a large percentage of machines which are operated by security-illiterate individuals; and (2) any malicious program (payload) built to exploit the breach will probably run unchanged on a large number (millions) of machines with the same installed software. Once a computer virus gets past the security perimeter of the victim machine, the payload (a program) may divert the victim machine to the virus writer's intentions. For example, the victim machine may be used for the malicious destruction of information (vandalism), identity theft, espionage (e.g., theft of intellectual property), or as a zombie for distributing spam or participating in a coordinated distributed denial of service (DDoS) attack.
The effort to develop and distribute a computer virus is facilitated by the computational mono-culture that currently exists. Although the effort to build a single virus instance (which can bypass existing security capabilities) may be high, the effort is rewarded because the virus can propagate across the mono-culture. This is one of the inherent problems of standardization of computer platforms.
In addition to the problem of standardization of computer platforms, a social engineering aspect of computer security exists which cannot be solved simply through technical means. For example, individuals can be deceived by an attacker into revealing information which might permit a hacker to breach a security perimeter for a collection of machines. When such a breach is achieved upon a given machine, the payload may propagate across other machines which share a common network with the breached machine.
Current anti-virus software has provided one possible solution to protecting computers from attacks. However, one problem with current anti-virus software is that it must try to detect malicious patterns in programs from the range of possible patterns found within all programs. Most anti-virus programs are inherently reactive, since a pattern becomes known only after an infection has been established, recorded and analyzed. In addition, the failure of anti-virus systems may be expensive. Hence, the system of updates of virus pattern sets, the computational overhead of continually scanning the computer to search for malicious patterns, and the expense of failure are significant limitations of existing anti-virus software in the protection of computer systems.
Since no anti-virus system is perfect, especially given the “social engineering” gateway to infection, a need exists for a mechanism to substantially reduce the risks inherent in the current computational mono-culture, without sacrificing the benefits of standardization.